IoT cybersecurity – Page 2 – WindowsTechs.com

By hacking one of their own homes, researchers want to open a window on IoT security

Posted on March 5, 2019 by Sean Lyngaas

A year ago, cybersecurity researchers at Trend Micro who were tinkering with home-automation systems in their spare time decided to make a formal project out of it. One of the researchers invited the others to hack his smart home in Germany and see what they could find out about the underlying protocols used in it. They quickly discovered that not only was the system susceptible to manipulation, but it was also ill-equipped to detect it. The owner of the home found himself moving from room to room, trying to figure out why his lights and window blinds weren’t working. Stephen Hilt, a senior threat researcher at Trend Micro, had inadvertently carried out a denial-of-service attack on devices running on a popular building-automation protocol in the house. The researchers knew where the attack was coming from — Hilt was using a software-defined radio to jam the devices, flooding them with noise — but they didn’t realize how effective it would be. “That was […]

The post By hacking one of their own homes, researchers want to open a window on IoT security appeared first on CyberScoop.

Continue reading By hacking one of their own homes, researchers want to open a window on IoT security→

In war against botnets, manufacturers need to step up, report says

Posted on May 30, 2018 by Sean Lyngaas

The problem of botnets — the legions of computers used to carry out distributed denial-of-service attacks — is exacerbated by the fact that developers do not have the cost incentives to build more security into their products, according to a new report from the departments of Commerce and Homeland Security. “Product developers, manufacturers, and vendors are motivated to minimize cost and time to market, rather than to build in security or offer efficient security updates,” states the report mandated by a White House executive order last year. “Market incentives must be realigned to promote a better balance between security and convenience when developing products.” The report says the government should give companies some help by prioritizing research and development funding for botnet-thwarting products, and it suggests the private sector should expedite its own work on those technologies. The R&D — in techniques like data analytics, machine learning, and artificial intelligence is — “urgently needed to get […]

The post In war against botnets, manufacturers need to step up, report says appeared first on Cyberscoop.

Continue reading In war against botnets, manufacturers need to step up, report says→

‘Orangeworm’ hacking campaign hits X-ray and MRI machines

Posted on April 23, 2018 by Sean Lyngaas

Malware from a newly disclosed hacking campaign has infected the networks of multinational health care companies, including some X-ray and MRI machines, cybersecurity firm Symantec warned Monday. The hacking group, dubbed Orangeworm, has hit a relatively small number of companies in more than 20 countries, Symantec said in an advisory. Nearly 40 percent of Orangeworm’s victims are in the health care industry, the advisory said. Manufacturers and IT companies that do business in health care have also been infected. Orangeworm’s custom malware has shown up on machines that control “high-tech imaging devices such as X-ray and MRI machines,” Symantec said. The Orangeworm revelation adds to a slew of cybersecurity challenges, including ransomware, facing the health care sector. An Indiana hospital in January paid roughly $50,000 in bitcoin to hackers that held its computer system hostage. Congress has taken notice of the sector’s vulnerabilities. House lawmakers on Friday issued a request for information asking industry […]

The post ‘Orangeworm’ hacking campaign hits X-ray and MRI machines appeared first on Cyberscoop.

Continue reading ‘Orangeworm’ hacking campaign hits X-ray and MRI machines→

Reaper authors Chinese, possibly linked to cyberspy group ‘Black Vine’

Posted on October 30, 2017 by Shaun Waterman

The authors of a sophisticated strain of malware that’s been attacking internet of things devices are almost certainly Chinese and could be connected to a Beijing-linked cyber-espionage group believed behind the Anthem health insurance hack, according to new research. Check Point Technologies — the Israeli cyber outfit that was the first to publicly identify the malware, known variously as Reaper or IoTroop — said in a technical report released this weekend that the malware authors and operators are operating out of China. “We have a very high degree of confidence about that judgement,” Yaniv Balmas, the firm’s security research group manager told CyberScoop. His conclusion comes from multiple independent factors. A unique feature of the malware, Balmas noted, was its use of a Lua environment. Lua is a lightweight, embeddable programming language designed to enable scripts to run. “We’ve never seen it [used in malware] before,” said Balmas, adding it made the malware “very agile … […]

The post Reaper authors Chinese, possibly linked to cyberspy group ‘Black Vine’ appeared first on Cyberscoop.

Continue reading Reaper authors Chinese, possibly linked to cyberspy group ‘Black Vine’→

DHS funding new round of IoT cyber startups with $1M award

Posted on February 21, 2017 by Shaun Waterman

The Department of Homeland Security has dished out nearly $1 million in competitive awards to five startups developing cybersecurity technologies for the Internet of Things. The five companies are getting the money as they advance to phase two of the Silicon Valley Innovation Program, or SVIP, run by the Cybersecurity Division of the Science and Technology Directorate. The […]

The post DHS funding new round of IoT cyber startups with $1M award appeared first on Cyberscoop.

Continue reading DHS funding new round of IoT cyber startups with $1M award→

Report: IoT devices attacked their own network

Posted on February 14, 2017 by Shaun Waterman

A university IT system was brought to a near-standstill by a cyberattack from inside its own firewall, when more than 5,000 connected devices on its internal network — from vending machines to lighting systems — became infected with malware, according to a new report. Verizon’s 2017 Data Breach Digest report, released here at the massive RSA security conference in […]

The post Report: IoT devices attacked their own network appeared first on Cyberscoop.

Continue reading Report: IoT devices attacked their own network→